<style type="text/css">

div.kom
{
	width: 550px;
	border-color:#97D0FB;
	border-width:thin;
	border-style:solid;
	margin-left:40px;
	display:table;
}

div.head
{
	height:20px;
	color:#FFF;
	background:#97D0FB;
	/*padding-top:2px;*/
}

div.nazwisko
{
	float:left;
	font-size:18px;
	padding-left:20px;
	
}
div.date
{
	float:right;
	padding-right:20px;
	font-size:14px;
}
div.text
{
	padding:10px;
	width:510px;
	float:right;
	visibility:visible;
}

div.long
{
	height:40px;
	width:20px;
	float:left;
}

</style>

<script language="javascript" type="text/javascript">
    function showHideDiv()
    {
		var str = '<form method="post"><br/><br/>'+
					'<input type="hidden" name="id" value="'+get("id")+'"/>'+
					'<strong>Imię i Nazwisko</strong><br/>'+
					'<input type="text" name="name" style="width:400px;"/><br/><br>'+
					'<strong>Treść komentarza</strong><br/>'+
					'<textarea name="text" style="width:500px;height:150px;"></textarea></br>'+
					'<input type="submit" value="Wyślij"/>'+
				'</form>';
				
			var ob = document.getElementById("form");
			ob.innerHTML = str;
			document.getElementById("button").style.visibility = "collapse";
    }
	
	function get(key_str) {
	if(window.location.search) {
		var query = window.location.search.substr(1);
		var pairs = query.split("&");
		for(var i = 0; i < pairs.length; i++) {
			var pair = pairs[i].split("=");
			if(unescape(pair[0]) == key_str)
				return unescape(pair[1]);
		}
	}
}
</script>

<?php
	if($_POST["name"]!="" && $_POST["text"]!="" && $_POST["id"] != "" )
	{
		$conection = mysql_connect($mysql_host,$mysql_user,$mysql_password);
		mysql_set_charset('utf8',$conection);
		@mysql_select_db($mysql_database) or die("Nie udało się wybrać bazy danych");
		
		
		$query = "INSERT INTO `KOM_N` (`ID_N`,`DATE`,`NAME`,`TEXT`) VALUES ('".$_POST['id']."','".date("Y-m-d H:i:s")."','".$_POST['name']."','".$_POST['text']."')";
		mysql_query($query);
		if(mysql_error())
			die("Nie udało się dodać komentarza :(");
			//die(mysql_error());
					
		echo "Dodano komentarz<br/>Komentarz bedzie widoczny po zatwierdzeniu przez administratora";
		mysql_close();
	}
	else
	{
		if($_GET["id"] == "")
			die("Niepoprawne wartosci podane do URL");
			
		$conection = mysql_connect($mysql_host,$mysql_user,$mysql_password);
		mysql_set_charset('utf8',$conection);
		@mysql_select_db($mysql_database) or die("Nie udalo sie wybrac bazy danych");
		$query = "SELECT * FROM `NEWS` WHERE ID ='".$_GET["id"]."'";
		$result = mysql_query($query);
		
		if(mysql_error())
			die(mysql_error());
		if(mysql_num_rows($result) != 1 )
			die("Niepoprawne wartosci podane do URL");
			
		$row = mysql_fetch_assoc($result);
		$date = date_create($row['DATE']);
		echo "<b style=\"font-size:24px;\">".$row['TITLE']."</b><br/>
			  ".date_format($date,'Y-m-d')."<br/>
			 	".$row['TEXT']."<br/><br/>";
		if( $row['ILOSC_KOM'] != 0)
		{	
			$query = "SELECT * FROM `KOM_N` WHERE `ID_N` = '".$_GET["id"]."' AND `ACCESS` = '1' ORDER BY `DATE` DESC";
			$result = mysql_query($query);
			if(mysql_error())
				die("Nie udało sie wyswietlić komentarzy :(");
				
			while($row = mysql_fetch_assoc($result))
			{
				$date = date_create($row['DATE']);
				echo "
					<div class=\"kom\">
						<div class=\"head\">
							<div class=\"nazwisko\"><b>".$row['NAME']."</b></div>
							<div class=\"date\">".date_format($date,'Y-m-d H:i:s')."</div>
						</div>
						<div class=\"long\"></div>
						<div class=\"text\">".$row['TEXT']."</div>
					</div><br/>";
			}
		}
			echo '<button id="button" style="text-align:center;" onclick="showHideDiv()">Dodaj komentarz</button>';
			echo '<div style="text-align:center;" id="form"></div>';
		}
?>


